X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=NodeUpdate.py;h=b555437362595140fd22f01973784ed8a7d0800e;hb=a60eb2c1c02b4d9e1c72395b8f580f29588601ca;hp=e3f890a49e5bfa3cd7f52ac0fa876492efb33098;hpb=c2bea61a8fab54280e75251b2a4faab3478d7e5d;p=nodeupdate.git

diff --git a/NodeUpdate.py b/NodeUpdate.py
index e3f890a..b555437 100644
--- a/NodeUpdate.py
+++ b/NodeUpdate.py
@@ -65,6 +65,8 @@ YUM_PATH = "/usr/bin/yum"
 
 RPM_PATH = "/bin/rpm"
 
+RPM_GPG_PATH = "/etc/pki/rpm-gpg"
+
 
 # location of file containing http/https proxy info, if needed
 PROXY_FILE = '/etc/planetlab/http_proxy'
@@ -154,6 +156,14 @@ class NodeUpdate:
             return 0
 
 
+    def InstallKeys( self ):
+        Message( "\nRemoving any existing GPG signing keys from the RPM database" )
+        os.system( "%s --allmatches -e gpg-pubkey" % RPM_PATH )
+
+        Message( "\nInstalling all GPG signing keys in %s" % RPM_GPG_PATH )
+        os.system( "%s --import %s/*" % (RPM_PATH, RPM_GPG_PATH) )
+
+
     def ClearRebootFlag( self ):
         os.system( "/bin/rm -rf %s" % REBOOT_FLAG )
 
@@ -165,14 +175,22 @@ class NodeUpdate:
 
         if self.doReboot == 0:
             Message( "\nIgnoring any reboot flags set by RPMs" );
+
+        Message( "\nChecking if yum supports SSL certificate checks" )
+        if os.system( "%s --help | grep -q sslcertdir" % YUM_PATH ) == 0:
+            Message( "Yes, using --sslcertdir option" )
+            sslcertdir = "--sslcertdir=" + SSL_CERT_DIR
+        else:
+            Message( "No, not using --sslcertdir option" )
+            sslcertdir = ""
                     
         Message( "\nUpdating PlanetLab group" )
-        os.system( "%s --sslcertdir=%s -y groupupdate \"PlanetLab\"" %
-                   (YUM_PATH,SSL_CERT_DIR) )
+        os.system( "%s %s -y groupupdate \"PlanetLab\"" %
+                   (YUM_PATH, sslcertdir) )
 
         Message( "\nUpdating rest of system" )
-        os.system( "%s --sslcertdir=%s -y update" %
-                   (YUM_PATH,SSL_CERT_DIR) )
+        os.system( "%s %s -y update" %
+                   (YUM_PATH, sslcertdir) )
 
         Message( "\nChecking for extra groups to update" )
         if os.access(EXTRA_GROUPS_FILE, os.R_OK) and \
@@ -184,8 +202,8 @@ class NodeUpdate:
             else:
                 for group in string.split(extra_groups_contents,"\n"):
                     Message( "\nUpdating %s group" % group )
-                    os.system( "%s --sslcertdir=%s -y groupupdate \"%s\"" %
-                               (YUM_PATH,SSL_CERT_DIR,group) )
+                    os.system( "%s %s -y groupupdate \"%s\"" %
+                               (YUM_PATH, sslcertdir, group) )
         else:
             Message( "No extra groups file found" )
             
@@ -278,6 +296,7 @@ if __name__ == "__main__":
         Error( "Unable to initialize." )
     else:
         nodeupdate.RemoveRPMS()
+        nodeupdate.InstallKeys()
         nodeupdate.CheckForUpdates()
         Message( "\nUpdate complete." )